Kindle4NTHacking

UNFORTUNATELY, THIS NOTICE SEEMS TO BE NECESSARY: This page is not a "cookbook", and it does NOT contain "recipes" that you should follow without thinking.

This page contains technical descriptions for a complex device. If you follow the procedures outlined below (especially the more technical ones), you should AT LEAST have a rough understanding of what you are doing, and be able to describe the expected result. If you don't know what to expect, then it's likely that you don't know what you are actually doing, so it might be better to refrain from doing it in the first place.

One of the first things you should do upon unlocking shell access to your device is BACKING IT UP!. Trust us, you'll be glad you did.

The jailbreak itself does not yet allow you to do much. In fact, it only installs an additional "developer" key on the device, allowing for the installation of additional packages via the Kindle's own update mechanism.

This method works on Kindle 4 version 4.0.0 through 4.1.2.

Carefully read all of the instructions below, and follow them only after you have read everything and are sure what to do.

Well, check the Index for misc stuff (custom screen savers? fonts?), but for more fun stuff, you'll want to gain SSH access to this thing.
You have two possibilities, one of them depending on the age of your device:

SSH in diagnostics mode is disabled on newer devices (black Kindles from fall 2012, and potentially some silver ones, too, depending on their assembly date) but you can install the USBNet package which, among other things, will setup an SSH server on your device.

To install the USBNet package download kindle-usbnetwork-0.xx.N-k4.rar from the list of attached files and follow the instructions in the included README_FIRST.txt.

(Windows and OS X users, see the relevant passage in the next section for the gory details on how to deal with the network configuration).

Plug in the USB cable and go to usb networking: Misc individual diagnostics -> Utilities -> Enable USBnet -> Exit. This will enable network access to your Kindle via USB. (For the driver setup on the host-PC see this page)

Give the new USB network interface its IP address. This is the address your host computer wears when it does networking over this interface. The Kindle expects ssh traffic to come from a particular IP and so the interfaces IP must match this. This interface address is NOT the address of the Kindle. It is the address of the host machine in the context of USB networking. IP 192.168.15.201 Subnet 255.255.255.0 (ifconfig usb0 192.168.15.201 on Linux) (netsh int ip set address "*name of connection given by Windows*" static 192.168.15.201 255.255.255.0, run cmd as admin) on Windows.

.

Connect to root@192.168.15.244 using your favorite SSH client (Mac OS users can use Terminal, type ssh root@192.168.15.244). If you unbricked your Kindle with an image from one of our debricking threads, chances are the password will be mario.

When trying to connect to an eduroam network the Kindle NT 4 typically throws an error message saying it cannot connect to enterprise networks. Follow the steps listed below to make it work anyhow. The procedure is basically just a merger of prior work from David Antoš and Andrew Beresford.

1. Leave the proximity of any eduroam networks

2. On a router under your control with WPA-PSK authentication and internet access create a network named eduroam

7. Download the PEM certificate for your institution. You might get away by fetching AddTrust_External_Root.pem from a standard linux distribution. I actually had to download deutsche-telekom-ca-2.pem for accessing eduroam in Germany but that may differ depending on your institution. Rename the certificate to certificate.pem and copy it to the freshly created folder.

$ scp certificate.pem kindle:/usr/local/wpa-enterprise-hack

8. Create a script called wpa_config.sh in /usr/local/wpa-enterprise-hack with the following content replacing user@institution.org with the e-mail address at your university or research facility and 123456789 with your password. The script patches the eduroam settings upon each reboot (yes that may seem like a weird approach, but it's actually necessary)